PGP Encryption Settings
- Open BlueMail.
- Go to Settings.
- Go to Privacy & Security.
- Select End-to-end Encryption from the security options.
- Select PGP Encryption.
You will see two main actions:
- Generate New Key Pair
- Import Existing Keys
Below these options, you’ll find:
- Active PGP Configuration – the key pair currently used for encryption and signing.
- All Keys – a list of all keys stored in the app.
Option 1: Generate a New PGP Key Pair
If you are new to PGP or want to create separate keys for your BlueMail account:
- Tap Generate New Key Pair.
- BlueMail will automatically create a secure public/private key pair for your account.
- Once generated, the new keys will appear under Active PGP Configuration.
- Your account will now use these keys to encrypt and sign outgoing emails.
What Happens When You Generate a Key Pair?
- Public Key: Shared with others so they can send you encrypted messages.
- Private Key: Stored securely on your device and used to decrypt incoming mail.
Important: Never share your private key with anyone.
Option 2: Import an Existing PGP Key
If you already have PGP keys (for example, from GnuPG, ProtonMail Bridge, OpenKeychain, etc.), you can import them into BlueMail.
How to Import Your Key
- Tap Import Existing Keys.
- In the Private key field, paste your ASCII-armored private key block.
- If your private key is protected with a passphrase, enter it in the Private key passphrase field.
- Tap Import keys to finalize.
BlueMail will validate and store your key pair. Once imported, your key will appear under Active PGP Configuration.
Before You Import
- Ensure you trust the origin and authenticity of your key.
- If your private key is not passphrase-protected, consider adding one for better security before importing.
Managing Your PGP Keys
After generating or importing keys:
- The Active PGP Configuration displays the key currently used for encryption and signing.
- The All Keys section lists every PGP key available in BlueMail.
- You can switch active keys or remove old ones as needed.
Safe PGP Use
- Back up your private key securely. Losing it means you cannot decrypt messages encrypted for that key.
- Protect your passphrase and avoid storing it in plain text.
- Share only your public key, never your private key.
- Verify public keys received from others to avoid man-in-the-middle attacks.
Troubleshooting
“Invalid Key Format”
Ensure that:
- The key is in ASCII-armored format (starts with
-----BEGIN PGP PRIVATE KEY BLOCK-----). - The full key block is pasted, including header and footer.
“Wrong Passphrase”
Check:
- That you are using the exact passphrase used when the key was created.
- There are no extra spaces when pasting.
Keys Not Appearing
Try:
- Restarting BlueMail.
- Re-importing the key pair.
- Verifying that both public and private keys are included in your export.